Fix OAuth sample config and add docker-compose for OAuth testing server
longquanzheng authored Aug 30, 2021
1 parent 5191468 commit 4c2bcc7
Showing 4 changed files with 118 additions and 20 deletions.
1 change: 1 addition & 0 deletions Dockerfile
Expand Up @@ -78,6 +78,7 @@ COPY --from=builder /cadence/schema /etc/cadence/schema

COPY docker/entrypoint.sh /docker-entrypoint.sh
COPY config/dynamicconfig /etc/cadence/config/dynamicconfig
COPY config/credentials /etc/cadence/config/credentials
COPY docker/config_template.yaml /etc/cadence/config
COPY docker/start-cadence.sh /start-cadence.sh

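Review bot: The added `COPY config/credentials /etc/cadence/config/credentials` bakes the whole credentials directory into every image built from this Dockerfile, and the other files in this commit reference `config/credentials/keytest` in that directory as the OAuth private key. If the directory holds the repository's sample key pair, any deployment that sets `ENABLE_OAUTH=true` with those paths (as `docker/docker-compose-oauth.yml` does, and `config/development_oauth.yaml` for local runs) verifies tokens against a key whose private half is public. I would keep key material out of the image and mount it at run time, or at least add a comment above the line such as `# sample keys for local OAuth testing only; mount real keys at runtime`. The hunk shows only part of the final build stage, so a separate test-only stage may already exist outside it.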
63 changes: 43 additions & 20 deletions config/development_oauth.yaml
@@ -1,33 +1,56 @@
archival:
history:
status: "disabled"
enableRead: false
visibility:
status: "disabled"
enableRead: false
persistence:
advancedVisibilityStore: es-visibility
datastores:
es-visibility:
elasticsearch:
version: "v7"
url:
scheme: "http"
host: "127.0.0.1:9200"
indices:
visibility: cadence-visibility-dev

domainDefaults:
archival:
history:
status: "disabled"
URI: ""
kafka:
tls:
enabled: false
clusters:
test:
brokers:
- 127.0.0.1:9092
topics:
cadence-visibility-dev:
cluster: test
cadence-visibility-dev-dlq:
cluster: test
applications:
visibility:
status: "disabled"
URI: ""
topic: cadence-visibility-dev
dlq-topic: cadence-visibility-dev-dlq

dynamicconfig:
client: filebased
filebased:
filepath: "config/dynamicconfig/development.yaml"

blobstore:
filestore:
outputDirectory: "/tmp/blobstore"
filepath: "config/dynamicconfig/development_es.yaml"

authorization:
oauthAuthorizer:
enable: true
maxJwtTTL: 600000000
jwtCredentials:
algorithm: "RS256"
publicKey: "config/credentials/keytest.pub"
publicKey: "config/credentials/keytest.pub"

clusterGroupMetadata:
enableGlobalDomain: true
failoverVersionIncrement: 10
masterClusterName: "active"
currentClusterName: "active"
clusterGroup:
active:
enabled: true
initialFailoverVersion: 0
rpcAddress: "localhost:7933" # this is to let worker service and XDC replicator connected to the frontend service. In cluster setup, localhost will not work
authorizationProvider:
enable: true
type: "OAuthAuthorization"
privateKey: "config/credentials/keytest"
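Review bot: `maxJwtTTL: 600000000` under `authorization.oauthAuthorizer` is far above the `86400` default that `docker/config_template.yaml` uses in this same commit; if the unit is seconds, the authorizer would accept tokens with a declared lifetime of up to about 19 years. The rendered page has lost the +/- markers, so I cannot tell whether this line is new or carried over, but since the commit is fixing this sample it is worth aligning it: `maxJwtTTL: 86400`. A short comment on the block, e.g. `# sample key pair from config/credentials; for local testing only`, would also keep the file from being copied into a real deployment unchanged.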
16 changes: 16 additions & 0 deletions docker/config_template.yaml
Expand Up @@ -216,13 +216,21 @@ clusterGroupMetadata:
rpcName: "cadence-frontend"
rpcAddress: {{ default .Env.PRIMARY_FRONTEND_SERVICE "cadence" }}:{{ default .Env.FRONTEND_PORT "7833" }}
rpcTransport: "grpc"
authorizationProvider:
enable: {{ default .Env.ENABLE_OAUTH "false" }}
type: "OAuthAuthorization"
privateKey: {{ default .Env.OAUTH_PRIVATE_KEY "" }}
{{- if .Env.ENABLE_GLOBAL_DOMAIN }}
secondary:
enabled: true
initialFailoverVersion: 2
rpcName: "cadence-frontend"
rpcAddress: {{ default .Env.SECONDARY_FRONTEND_SERVICE "cadence-secondary" }}:{{ default .Env.FRONTEND_PORT "7833" }}
rpcTransport: "grpc"
authorizationProvider:
enable: { { default .Env.ENABLE_OAUTH "false" } }
type: "OAuthAuthorization"
privateKey: { { default .Env.OAUTH_PRIVATE_KEY "" } }
{{- end }}


Expand Down Expand Up @@ -284,3 +292,11 @@ dynamicconfig:
blobstore:
filestore:
outputDirectory: {{ default .Env.FILE_BLOB_STORE_OUTPUT_DIRECTYORY "" }}

authorization:
oauthAuthorizer:
enable: {{ default .Env.ENABLE_OAUTH "false" }}
maxJwtTTL: {{ default .Env.OAUTH_MAX_JWT_TTL "86400" }}
jwtCredentials:
algorithm: "RS256"
publicKey: {{ default .Env.OAUTH_PUBLIC_KEY "" }}
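Review bot: In the `secondary` cluster block the two new template expressions are written `{ { default .Env.ENABLE_OAUTH "false" } }` and `{ { default .Env.OAUTH_PRIVATE_KEY "" } }`, with a space between the braces, so they are not template actions and will reach the YAML parser as literal text instead of being substituted; this looks like a formatter rewrote them. With `ENABLE_GLOBAL_DOMAIN` set, the secondary cluster's `authorizationProvider` would then either fail to parse or carry a non-boolean `enable`, while the primary block just above is rendered correctly. They should match the primary block: `enable: {{ default .Env.ENABLE_OAUTH "false" }}` and `privateKey: {{ default .Env.OAUTH_PRIVATE_KEY "" }}`. Separately, `privateKey` here and `publicKey` in the new `authorization` block render as an empty (null) value when the variable is unset; wrapping the expression in quotes would keep them strings.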
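--- a/docker/docker-compose-oauth.yml
+++ b/docker/docker-compose-oauth.yml
@@ -0,0 +1,58 @@
+version: '3'
+services:
+cassandra:
+image: cassandra:3.11
+ports:
+- "9042:9042"
+prometheus:
+image: prom/prometheus:latest
+volumes:
+- ./prometheus_config.yml:/etc/prometheus/prometheus.yml
+command:
+- '--config.file=/etc/prometheus/prometheus.yml'
+ports:
+- '9090:9090'
+node-exporter:
+image: prom/node-exporter
+ports:
+- '9100:9100'
+cadence:
+image: ubercadence/server:master-auto-setup
+ports:
+- "8000:8000"
+- "8001:8001"
+- "8002:8002"
+- "8003:8003"
+- "7933:7933"
+- "7934:7934"
+- "7935:7935"
+- "7939:7939"
+- "7833:7833"
+environment:
+- "CASSANDRA_SEEDS=cassandra"
+- "PROMETHEUS_ENDPOINT_0=0.0.0.0:8000"
+- "PROMETHEUS_ENDPOINT_1=0.0.0.0:8001"
+- "PROMETHEUS_ENDPOINT_2=0.0.0.0:8002"
+- "PROMETHEUS_ENDPOINT_3=0.0.0.0:8003"
+- "DYNAMIC_CONFIG_FILE_PATH=config/dynamicconfig/development.yaml"
+- "ENABLE_OAUTH=true"
+- "OAUTH_PUBLIC_KEY=config/credentials/keytest.pub"
+- "OAUTH_PRIVATE_KEY=config/credentials/keytest"
+depends_on:
+- cassandra
+- prometheus
+cadence-web:
+image: ubercadence/web:latest
+environment:
+- "CADENCE_TCHANNEL_PEERS=cadence:7933"
+ports:
+- "8088:8088"
+depends_on:
+- cadence
+grafana:
+image: grafana/grafana
+user: "1000"
+depends_on:
+- prometheus
+ports:
+- '3000:3000'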
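Review bot: Every `ports:` entry publishes on all host interfaces (for example `"7833:7833"`, `"7933:7933"` and Cassandra's `"9042:9042"`), while the `cadence` service authenticates with `OAUTH_PUBLIC_KEY=config/credentials/keytest.pub`, a sample key taken from the repository. For a test stack I would bind the published ports to loopback, e.g. `- "127.0.0.1:7833:7833"`, so the server is reachable only from the developer's machine. The images also use floating tags (`prom/prometheus:latest`, `ubercadence/web:latest`, and untagged `prom/node-exporter` and `grafana/grafana`), so the stack is not reproducible; pinning versions would help. A top-of-file comment such as `# OAuth test stack: uses sample keys, not for shared or production hosts` would make the intent explicit.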
